17 matches found
EUVD-2022-45876
Malicious code in bioql PyPI...
CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
Design/Logic Flaw
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
CVE-2022-42813
A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. Processing a maliciously crafted certificate may lead to arbitrary code execution...
CVE-2022-42813
CVE-2022-42813 concerns a certificate validation issue in WKWebView. It affects Apple platforms and is addressed in tvOS 16.1, iOS 16.1 / iPadOS 16, macOS Ventura 13, and watchOS 9.1. The vulnerability could allow processing a malicious certificate to execute arbitrary code. Affected component: W...
CVE-2020-12414
IndexedDB should be cleared when leaving private browsing mode and it is not, the API for WKWebViewConfiguration was being used incorrectly and requires the private instance of this object be deleted when leaving private mode. This vulnerability affects Firefox for iOS 27...
Secure Apps / SecureWeb Supportability with WkWebview framework
WkWebView is not supported in the following scenarios: Devices running iOS 10 or earlier. Setups configured for Full VPN Mode. Setups running Endpoint Management integration with EMS/Intune. Apps that use two instances of the WKWebView component simultaneously. If you are already using the Full V...
ownCloud iOS Application 3.7.3 Cross Site Scripting Vulnerability
Exploit for iOS platform in category web applications COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: ownCloud iOS Application owncloud.iosapp 1 Vendor: ownCloud Gmbh CSNC ID: CSNC-2018-016 CVE ID: N/A Subject: Cross-Site Scripting in ownCloud iOS...
ownCloud iOS Application 3.7.3 Cross Site Scripting
COMPASS SECURITY ADVISORY https://www.compass-security.com/research/advisories/ Product: ownCloud iOS Application owncloud.iosapp 1 Vendor: ownCloud Gmbh CSNC ID: CSNC-2018-016 CVE ID: N/A Subject: Cross-Site Scripting in ownCloud iOS Application's WebViews Risk: Low Effect: Remotely exploitable...
CVE-2016-4763
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2016-4763
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2016-4763
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Design/Logic Flaw
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2016-4763
WKWebView in WebKit in Apple iOS before 10, iTunes before 12.5.1 on Windows, and Safari before 10 does not properly verify X.509 certificates from HTTPS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2016-4763
CVE-2016-4763 affects WKWebView in WebKit across Apple platforms (iOS before 10, Safari before 10) and iTunes before 12.5.1 on Windows. Root cause: certificate validation failure in WKWebView leads to improper verification of HTTPS X.509 certificates, enabling MITM attackers to spoof servers and ...